androiddigital-signaturebouncycastlesmartcardcontactless-smartcard

Error "Malformed content." in Signature Verification


I want to verify my signature. My signature is a byte array. I use spongy castle

I get error :

"org.spongycastle.cms.CMSException: Malformed content."

This is my code:

String base64 = Base64.toBase64String(signedchallenge);
CMSSignedData cms = new CMSSignedData(Base64.decode(base64));
Store store = cms.getCertificates();
SignerInformationStore signers = cms.getSignerInfos();
Collection c = signers.getSigners();

I get error in line :

" CMSSignedData cms = new CMSSignedData(Base64.decode(base64));"

I also used this method for signed challenge generation. I did it in smart cart

Signature signature=Signature.getInstance(Signature.ALG_RSA_SHA_PKCS1,false);
signature.init(thePrivateKey,Signature.MODE_SIGN);
signLength=signature.sign(buffer,(short)(ISO7816.OFFSET_CDATA & 0xFF), inputlength, buffer, (short)(0));
apdu.setOutgoingAndSend((short)0,signLength);

Solution

  • According to javacard documentation

    ALG_RSA_SHA_PKCS1 generates a 20-byte SHA digest, pads the digest according to the PKCS#1 (v1.5) scheme, and encrypts it using RSA

    To verify the signature in Android side use this code

    Signature sig = Signature.getInstance("SHA1withRSA");
    sig.initVerify(publicKey);
    sig.update(challenge);
    boolean verifies = sig.verify(signedchallenge);
    

    Where signedchallenge is the signature available on buffer from (short)(ISO7816.OFFSET_CDATA & 0xFF) to signLength and challenge is the original data to sign